package com.eva.apidoc.knife4j;

import com.eva.apidoc.ApiDocProperties;
import com.eva.framework.security.adapter.ApiDocAdapter;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;

@Component
public class Knife4jApiDocAdapter implements ApiDocAdapter {

    @Resource
    private ApiDocProperties apiDocProperties;

    @Override
    public boolean isApiDocRequest(HttpServletRequest request) {
        String requestOrigion = request.getHeader("Request-Origion");
        /*
         此处务必判断接口文档是否启用，只有在启用的情况 && 请求头为Knife4j，才视为不是一个安全的请求，
         以方便swagger进行明文参数调试同时，避免恶意用户直接传递Knife4j请求头以绕过加密环节
        */
        return "Knife4j".equals(requestOrigion)
                && apiDocProperties.getEnabled();
    }
}
